How NOT to take care of a grant
My generous father paid for my entire education at the University of Texas back in the ‘80s. For the first two years, he paid the University directly for my tuition, dormitory, and food plan. Tuition then was a whopping $464 a semester! I estimate he might have shelled out about $13,000 for my first two years.
At the end of my second year, I decided I should live on my own in an apartment. He gave me a lump sum of $20,000 and figured that he wouldn’t need to give me any more money, ever. We had an agreement that once I finished college, I was off the payroll.
I promptly deposited the money in my checking account and started spending on the things I thought I needed. I needed some things for my apartment, like a broom and basic pots and pans. I needed to go visit my future husband’s family in Hawaii over the winter break. I needed some beer for the weekend and slices of pizza at Nicki’s on campus for lunch every day. You know where this is going. My “needs” burned through the money in a little over a year.
When I called him to ask for more, he was shocked and not too pleased. He made sure never to give a teenager a lump sum of $20,000 ever again. My younger sister was managed under a completely different plan! (Sorry, Rosie!) For her he:
- Dolled out money in small chunks, not a lump sum
- Told her what she could and could not spend money on
- Had access to her bank account to watch her spending
- Demanded her report cards before he would send her any more money
- Required that she live in the dorm for longer and then get a roommate after that
- Held monthly phone meetings with her to discuss her finances and progress toward getting her degree
In other words, he wised up and he cracked down.
The federal government has seen all this before
Unlike my generous and unsuspecting dad, the federal government has had hundreds of bad experiences with grantees that have led them to wise up and crack down. The federal government sends money to a variety of entities expecting them to use it as intended. But as you can imagine, sometimes the money goes for beer and trips to Hawaii instead.
So, over time, the federal government has put into place all sorts of mechanisms that make sure their money is spent as intended and that they are getting the results they desire. The feds have:
- Published rules about what are allowable expenditures through the Cost Principles contained in a publication called the Uniform Guidance
- Required grantees to develop and maintain a budget per the administrative rules in the Uniform Guidance
- Required grantees to request reimbursement in increments
- Require grantees to report performance measures to indicate progress toward the objectives of the grant
- Reimburse grantees for the cost of being audited by an independent, objective third party to make sure they are complying and spending money properly
- Send personal representatives of the federal government to visit and clean house if the audit report looks iffy
Did you catch the last two bullets? The federal government is not your daddy; they don’t’ have the manpower to call you every month and watch your bank account to make sure everything is going well. Instead, they pay auditors to do an annual check up on their behalf.
If the federal government gives the grantee more than $750,000 a year, the grantee is required to undergo a specially designed audit that has three main objectives:
- Are the financial statements accurate?
- Is the entity in compliance with our rules and expectation?
- Does the entity have controls in place to make sure they remain in compliance with our rules and expectations?
This audit is called the Single Audit (I’ll explain the name and more about the audit in the next chapters).
The grantees include as part of their grant budget the cost of hiring an independent auditor to perform the Single Audit. The resulting Single Audit report is submitted to the federal grantor and they use it to decide if they need to come visit the grantee personally. When the federal grantor comes to visit, they may demand additional controls be put in place, ask for the money back, and/or stop sending money to the grantee entirely. Sounds like the “Come to Jesus” meeting I had with my dad when he laid down the gospel for the rest of my college career!
The purpose of this text is to describe how to conduct the Single Audit. But before we get too far, I also want to describe what an auditor does.
An Auditor’s Role
So here you are, an auditor. No other job title is more likely to be a conversation stopper at a dinner party. No one likes to be audited.
But auditors do have an important role to play because, unfortunately, the federal government can’t trust program managers when they say, “Everything here is fine. Don’t worry about us!” Government leaders and citizens do worry and want assurance from someone they can trust that things are going well. The auditor is that professional whom the grantor, government leaders and the citizens can trust.
One definition of auditor is an independent professional who evaluates a subject matter against agreed-upon criteria.
This definition has several important components: independence, subject matter, and criteria. Let’s look at each of those components in turn.
Independence
Auditors must be independent of their clients and the subject matter they are auditing. But who are these clients?
The Government Accountability Office (GAO), the federal audit organization that writes the governmental auditing standards (a.k.a. the Yellow Book) contains a very broad definition of “client.” The GAO says, “A distinguishing mark of an auditor is acceptance of responsibility to serve the public interest.” And they define public interest as “the collective well-being of the community and entities the auditors serve.” Did you know you had such a noble job?
CPAs are held to the same standard. They are certified public accountants after all. They have a primary responsibility to the public and a secondary responsibility to their audit client.
Clients in the government realm include management of the auditee, governing bodies, oversight bodies, special interest groups, other citizens, and the people who actually benefit from the government’s services.
If you think about it, auditors are often the only professionals involved in an organization or in a program who can comfortably speak the truth because they are, hopefully, shielded from backlash because they are independent.
3.22 Auditors and audit organizations maintain their independence so that their opinions, findings, conclusions, judgments, and recommendations will be impartial and will be viewed as impartial by reasonable and informed third parties.
The recipients of government funds aren’t likely to uncover their own risks or highlight their own weaknesses because they could lose their funding. And the oversight bodies might be so far removed from the program that they don’t have a sense of what is really happening.
You can make quite a difference in an organization. The GAO’s Yellow Book says that you are “essential to the nation’s governing process!” Wow, that is quite a responsibility!
Subject Matter and Criteria
Auditors opine or conclude on whether a subject matter meets a certain criteria.
All auditors struggle to keep their audits limited in size and scope. It is extremely easy to create monstrous projects that are hard to reign in and report on.
Imagine performing the Single Audit on an entity as large as the State of Texas Government! That is exactly what the Texas State Auditor did when I worked there in the early ‘90s. It took 100 auditors six months to perform an audit of the federal grants received by approximately 200 state entities. My specialty was performing the Single Audit of state universities. Other auditors specialized in auditing health and human services grants or technology grants. If we were not clear on exactly what questions we were answering, we might still all be working on that monster project!
In response to this struggle, most audit standards require that you develop a finite objective and scope for each engagement. Imbedded in the audit objective are the audit subject and the criteria the auditor will use to evaluate the audit subject.
The GAO has this to say about the audit objective and scope in the Yellow Book:
8.08 The audit objectives are what the audit is intended to accomplish. They identify the audit subject matter and performance aspects to be included. Audit objectives can be thought of as questions about the program that the auditors seek to answer based on evidence obtained and assessed against criteria. Audit objectives may also pertain to the current status or condition of a program. The term program as used in GAGAS includes processes, projects, studies, policies, operations, activities, entities, and functions.
8.10 Scope is the boundary of the audit and is directly tied to the audit objectives. The scope defines the subject matter that the auditors will assess and report on, such as a particular program or aspect of a program, the necessary documents or records, the period of time reviewed, and the locations that will be included.
The objective and scope define what the project is, as well as what it is not. Objectives are assessed against agreed-upon criteria, which are benchmarks established by law, governing organizations, or company policies and procedures.
To satisfy the audit objective, you will gather and document audit evidence. The techniques that you use to gather evidence are called audit methodologies.
8.11 The methodology describes the nature and extent of audit procedures for gathering and analyzing evidence to address the audit objectives. Audit procedures are the specific steps and tests auditors perform to address the audit objectives.
All three of these elements – the objective, scope, and methodology – are essential to describe what you seek to accomplish on the audit. The GAO requires that auditors both document these three defining project elements in the working papers and disclose them in the audit report.
The federal grantors specifically direct Single Auditors. They provide three master objectives and define the scope of the audit. In a document called the compliance supplement, the feds often tell auditors exactly what methodology they want them to use to test a particular grant.
Audit Deliverables
As Stephen Covey says, you should begin with the end in mind. So, before we dig into the steps of conducting an audit, let’s look at what you will have when you are all done.
Auditors create three final deliverables from an audit project:
- The answer to the audit objective – called either an audit conclusion or an audit opinion
- Findings – issues that the auditor would like to see addressed or corrected by the client
- Working papers – documentation of the evidence the auditor gathered to support the conclusions and the findings.
If you are following GAO’s audit standards (The Yellow Book) for performance audits, you must include this sentence in your audit report:
9.03 …We believe that the evidence obtained provides a reasonable basis for our findings and conclusions based on our audit objectives.
That sentence sums up what auditors do pretty nicely. We gather evidence to support our conclusions. How we conclude on an audit is driven by our initial objective and how many findings we report.
One of the least appealing aspects of an auditing job is that every decision that is made must be documented. We must support every statement in our audit report with underlying evidence and rationales for every judgment call we make. We do this so that when the client resists our findings and questions how we reached our conclusions (notice I did not say “if the client resists, but “when the client resists!”), we have strong, convincing support for what we are saying.
8.132 Auditors must prepare audit documentation related to planning, conducting, and reporting for each audit. Auditors should prepare audit documentation in sufficient detail to enable an experienced auditor, having no previous connection to the audit, to understand from the audit documentation the nature, timing, extent, and results of audit procedures performed; the evidence obtained; and its source and the conclusions reached, including evidence that supports the auditors’ significant judgments and conclusions.
8.133 Auditors should prepare audit documentation that contains evidence that supports the findings, conclusions, and recommendations before they issue their report.
What I will do in this text is show you the steps Single Auditors follow to create their three main deliverables (the conclusion/opinion, the findings, and the audit documentation).
Let’s Tweak That Definition of an Author
Now that we have discussed independence, audit subject matter, audit criteria, and audit deliverables, we should tweak our definition of an auditor. We began with this definition: An independent professional who evaluates a subject matter against agreed-upon criteria.
Please allow me to enhance it a bit based on what we just read: An auditor is an independent professional who concludes whether a subject matter meets an agreed-upon criteria by gathering evidence through performing custom-designed audit methodologies. Aren’t you glad I didn’t start with that?